If you bought Verizon's first 4G phone, start checking for updates now: the carrier has finally approved the Android 4.0 update (codenamed Ice Cream Sandwich) for the HTC Thunderbolt. The only problem? The Thunderbolt has been on the market since March of 2011, and Ice Cream Sandwich came out seven months later in October—not exactly a great turn-around time.
For anyone still using a Thunderbolt, it's nice that the phone is being updated at all rather than being fated to run Gingerbread forever, as has been the case for so many other phones. But the Thunderbolt's update still sums up pretty much everything that's wrong with the Android ecosystem's ever-worsening software fragmentation problems: this phone is still two major updates behind the current release of Android, and it's only receiving the update as the first customers who bought the phone on a two-year contract are becoming eligible for a new phone anyway.
The new features that many Android users are missing out on are just part of the problem—the more pressing issue is security. Flaws in the built-in Android browser, apps, and the Android operating system itself are going completely unpatched for months or years, which stands in sharp contrast with the more rapid security patches that Microsoft publishes for Windows (just to pick a prominent example).
Activist Chris Soghoian, speaking at the Kaspersky Lab Security Analyst Summit about Android's update problems, puts it the most succinctly: “You don’t need a zero-day to attack Android if consumers are running 13-month-old software.”
There's enough blame to spread around here—all of the OEMs are slow to publish updates, if they publish them at all. The mobile phone carriers introduce additional delays with their validation and testing procedures—Verizon is by far the worst offender in this regard, as even Verizon Galaxy Nexus handsets (which, in theory, should receive direct-from-Google updates promptly) are still waiting for news about November's Android 4.2 update. Google's proposed Android Update Alliance was mentioned briefly at Google I/O in 2011 before vanishing, never to be heard from again. With Gingerbread (and older versions) still accounting for well over 50 percent of all Android devices, it's clear that something needs to be done about this issue—it's just not clear that anyone is going to step up and do it.
Promoted Comments
Just because 'new stuff' is introduced on the Internet doesn't grant you the right to demand that your old phone can join in on the fun.
Problem is there is no way to get one with out the other. Security fixes are only included in the new versions of the OS that also have new features. Currently on Android this even includes the browser. Sure you can install other browsers and update them independently but the stock browser is still there and I'm sure still exploitable.
You must login or create an account to comment.